Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?

Αρχική Σελίδα
Αυτό το μήνυμα είναι μέρος του ακόλουθου νήματος:
Mτο πλήρες δέντρο νημάτων ταξινομημένο κατά ημερομηνία
MDavid Woodhouse στο <-
MDavid Woodhouse στο ->
Delete this message
Reply to this message
Συντάκτης: Avleen Vig
Ημερομηνία:  
Προς: David Woodhouse
Υ/ο: Avleen Vig, exim-users
Αντικείμενο: Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?
On Sun, Mar 21, 2004 at 10:39:39PM +0000, David Woodhouse wrote:
> > You seem to believe that it is valid for (example) somebody@??? to
> > run an MTA on his local machine and send mail out with:
> > mail from: sombody@???
> > This should not be happening.
>
> Wrong. That kind of thing has _always_ happened and always been
> considered valid in the real world -- just not in the Brave New World of
> SPF.
> It happens especially in the case of mail forwarding, where
> somebody@??? sends mail to one of my local users with a .forward
> file, and then my system sends the mail on.

Your system, if the true relay for the domain, shouldn't have a problem.
Otherwise implement smarthosting.
What USED to be acceptable in the "real world" needs to change. We
accepted a change to close open relays, now we must accept further
change. Spam is a serious problem that costs companies more money than
you can imagine. I'm sorry to say this, but a minor inconvenience for
you is not a big deal. There are solutions for the forwarding problem
(which is really the only thing left people can use against SPF) and
that are not hard to implement.

> > This is the same behaviour as used by
> > trojan MTA's which send spam. I believe they now account for the
> > majority of spam sent outbound and am in the process of gathering the
> > imperical data to back this claim up.
>
> What would be the point in that? It shows nothing.
> We _agree_ that spammers use faked addresses in reverse-paths without
> the consent of the 'owner' of the address in question. The reverse-path
> is, in that context, 'invalid' for the mail. I agree that some way of
> rejecting these mails is useful.
>
> But you have asserted that SPF does "FAR more than just verify the
> sender's address". This is true -- SPF rejects a lot of valid email too.
> You were asked to explain what else SPF does; be explicit about this
> 'FAR more' that it does, and why it's of benefit. You haven't done so.

I was sure I had explained it in how it disallows mail from unauthorized
sources. This is more than verifying the sender address - it is
verifying the legitimacy of the relay itself. If most spam comes from
illegitimate relays, SPF does "far more" than just verify the name of
the sender.


Το μήνυμα αυτό δημοσιεύτηκε στις ακόλουθες λίστες:
Exim-users
Πληροφορίες για τις Ταχυδρομικές λίστες | Κοντινά μηνύματα		<-Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?->
Tahini and Hummus and Cumin Development Archives διαχειριζόμενη από cumin AdminsLurker (έκδοση2.3)